Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/AjIP5us9zOXmncBlFC9nYrOtHpg.roa
File: AjIP5us9zOXmncBlFC9nYrOtHpg.roa (raw, json)
Hash identifier: HNxAeotgioVsFqcVYR4QMLas/9sQHJdDjm8QmL1Y3I0=
Subject key identifier: 02:32:0F:E6:EB:3D:CC:E5:E6:9D:C0:65:14:2F:67:62:B3:AD:1E:98
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018570B062AFDF4561DB286624C96FA805BE
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/AjIP5us9zOXmncBlFC9nYrOtHpg.roa
Signing time: Mon 02 Jan 2023 04:14:45 +0000
ROA not before: Mon 02 Jan 2023 04:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59447
IP address blocks: 198.55.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
198.55.30.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
185.161.110.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.176.0/24 maxlen: 24
162.218.179.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.0.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
167.160.4.0/24 maxlen: 24
167.160.3.0/24 maxlen: 24
162.222.90.0/24 maxlen: 24
162.222.89.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
167.160.12.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.19.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
107.150.163.0/24 maxlen: 24
107.150.162.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
107.150.167.0/24 maxlen: 24
107.150.168.0/24 maxlen: 24
107.150.169.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
2a07:5140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:62:af:df:45:61:db:28:66:24:c9:6f:a8:05:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jan 2 04:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02320fe6eb3dcce5e69dc065142f6762b3ad1e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3a:2b:73:3b:02:71:6b:df:a5:0a:3a:ab:16:
5a:81:da:1d:01:9b:d7:3a:d2:e8:7f:9b:1f:b2:99:
c9:0b:d6:90:30:73:2a:19:bc:a1:5e:ef:f2:7d:9f:
56:1f:6d:94:bb:77:3c:af:f9:92:23:3a:27:4e:ba:
46:c1:70:ca:0e:32:ab:20:b0:c3:b4:0e:d8:c5:1e:
ce:61:21:73:ad:d3:36:1f:1e:fe:a9:00:f2:0b:52:
86:55:bc:f0:10:7d:f7:cb:82:7a:60:81:eb:38:1a:
8e:c8:b2:a1:5d:fe:49:d6:a4:56:1c:f0:4c:81:69:
80:9b:28:c1:fc:e6:3f:ec:a6:f2:ba:67:8d:80:27:
9f:27:0f:f9:47:53:d6:18:89:3e:79:6c:d5:60:f4:
01:58:5e:89:63:ce:a2:fa:74:f6:75:3d:1e:1e:40:
55:9a:25:e0:6d:70:b0:5d:0e:da:d0:fd:b6:fb:60:
31:2c:87:4c:4f:2a:73:bc:0e:ab:5f:11:20:19:b2:
10:2f:ad:b2:9e:03:13:d5:af:26:3b:6a:53:9e:e0:
4e:fd:dd:47:d1:ab:a3:8c:06:ef:c1:8c:95:f1:e5:
3b:d2:3a:d3:01:b7:2f:a5:46:e7:a2:d0:ff:e1:9c:
38:73:c1:7c:c4:00:03:a6:fb:ed:46:b1:1e:bd:74:
6e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:32:0F:E6:EB:3D:CC:E5:E6:9D:C0:65:14:2F:67:62:B3:AD:1E:98
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/AjIP5us9zOXmncBlFC9nYrOtHpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.166.0-107.150.169.255
107.150.171.0-107.150.173.255
107.150.175.0/24
162.218.176.0/22
162.222.89.0-162.222.90.255
167.160.0.0-167.160.4.255
167.160.12.0/23
167.160.16.0/23
167.160.19.0/24
167.160.21.0/24
167.160.28.0-167.160.30.255
185.4.225.0/24
185.161.110.0/23
185.212.174.0/24
198.55.28.0/22
IPv6:
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
84:1c:47:eb:3e:a0:70:6b:6b:43:56:6d:f8:6e:43:19:e2:f1:
a5:ea:c4:9b:6a:15:10:6e:8d:d2:53:70:58:be:ab:1e:4a:41:
d1:cd:f6:ae:5f:d3:04:ca:35:16:a1:a3:87:20:dd:41:01:f2:
24:67:36:12:79:2a:29:d8:44:15:19:ad:5e:37:4b:ab:20:15:
f4:49:76:59:47:76:ec:c0:26:66:67:c6:d5:44:20:a8:d1:d1:
73:c3:18:65:4d:72:ea:77:26:aa:74:36:8a:86:cf:a1:03:c1:
04:e2:71:9c:e8:9c:a7:be:b1:23:89:a9:dc:ed:70:6e:27:79:
b8:b5:08:bc:8c:72:e3:63:eb:dc:a8:cb:98:0c:69:66:37:b4:
dc:0c:b0:ee:d7:ff:d5:b0:b1:a6:a9:d6:29:43:28:fc:2c:0c:
48:21:a3:34:a3:90:b4:57:1f:db:18:f8:86:5e:3c:4c:3a:f2:
a5:a0:bc:28:7f:c3:5b:bd:69:fe:bf:85:ff:bb:41:ce:a0:df:
85:f1:9a:e6:ca:7c:8c:f7:75:de:b4:72:f0:23:d3:d0:7f:7d:
7c:82:31:4f:c7:5d:60:f2:a0:a7:b9:fd:4e:48:08:94:b8:5a:
12:68:19:dc:af:d9:fa:72:fa:f9:1e:cc:c7:37:a2:5d:a7:96:
46:c9:a4:a5
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYVwsGKv30Vh2yhmJMlvqAW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwMTAyMDQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjMyMGZlNmViM2RjY2U1ZTY5ZGMwNjUxNDJmNjc2MmIzYWQxZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjorczsCcWvfpQo6qxZagdodAZvX
OtLof5sfspnJC9aQMHMqGbyhXu/yfZ9WH22Uu3c8r/mSIzonTrpGwXDKDjKrILDD
tA7YxR7OYSFzrdM2Hx7+qQDyC1KGVbzwEH33y4J6YIHrOBqOyLKhXf5J1qRWHPBM
gWmAmyjB/OY/7KbyumeNgCefJw/5R1PWGIk+eWzVYPQBWF6JY86i+nT2dT0eHkBV
miXgbXCwXQ7a0P22+2AxLIdMTypzvA6rXxEgGbIQL62yngMT1a8mO2pTnuBO/d1H
0aujjAbvwYyV8eU70jrTAbcvpUbnotD/4Zw4c8F8xAADpvvtRrEevXRuyQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFAIyD+brPczl5p3AZRQvZ2KzrR6YMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvQWpJUDV1czl6T1htbmNCbEZDOW5Zck90SHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBvgQCAAEwgbcwDAME
ABf8QwMEABf8RAMEABf8RzAMAwQAF/xLAwQAF/xMAwQAF/xPMAwDBAFrlqIDBABr
lqQwDAMEAWuWpgMEAWuWqDAMAwQAa5arAwQBa5asAwQAa5avAwQCotqwMAwDBACi
3lkDBACi3lowCwMDBaegAwQAp6AEAwQBp6AMAwQBp6AQAwQAp6ATAwQAp6AVMAwD
BAKnoBwDBACnoB4DBAC5BOEDBAG5oW4DBAC51K4DBALGNxwwDQQCAAIwBwMFAyoH
UUAwDQYJKoZIhvcNAQELBQADggEBAIQcR+s+oHBra0NWbfhuQxni8aXqxJtqFRBu
jdJTcFi+qx5KQdHN9q5f0wTKNRaho4cg3UEB8iRnNhJ5KinYRBUZrV43S6sgFfRJ
dllHduzAJmZnxtVEIKjR0XPDGGVNcup3Jqp0NoqGz6EDwQTicZzonKe+sSOJqdzt
cG4nebi1CLyMcuNj69yoy5gMaWY3tNwMsO7X/9Wwsaap1ilDKPwsDEghozSjkLRX
H9sY+IZePEw68qWgvCh/w1u9af6/hf+7Qc6g34XxmubKfIz3dd60cvAj09B/fXyC
MU/HXWDyoKe5/U5ICJS4WhJoGdyv2fpy+vkezMc3ol2nlkbJpKU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:54 2025 by rpki-client